Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

exim rejected RCPT not dropping smtp connection afterwards

Discussion in 'E-mail Discussions' started by skez, Mar 14, 2006.

  1. skez

    skez Registered

    Feb 22, 2003
    Likes Received:
    Trophy Points:
    Hey all,

    I have a server that keeps having problems with "refused: too many connections" errors. After installing dictionary attack ACLs which helped somewhat, I kept investigating why there were so many concurrent connections to smtp port 25.

    What I found is that when a connection is opened and then the potential email rejected with a 'rejected RCPT' message that the smtp connection of the sender is not closed - I'm not sure if that is because the sender is not closing it, or because something is wrong with exim, although it seems that after the connection and the rejected RCPT that exim would close the connection.

    As an example, a message that just came in:

    2006-03-14 14:16:59 SMTP connection from []:3114 I=[xx.xx.xx.xx]:25 (TCP/IP connection count = 17)
    2006-03-14 14:17:01 H=( []:3114 I=[xx.xx.xx.xx]:25 F=<> rejected RCPT <>: no such address here

    The problem is that 5 minutes later the SMTP connection is still ESTABLISHED as per netstat:

    Tue Mar 14 14:21:10 PST 2006
    tcp 0 0 xx.xx.xx.xx:25 ESTABLISHED

    It takes until a little bit longer than that for it even to hit a FIN_WAIT2 which it hangs on still for a long time:

    Tue Mar 14 14:22:08 PST 2006
    tcp 0 0 xx.xx.xx.xx:25 FIN_WAIT2

    If the exim server could drop the connection immediately after the rejected RCPT it would free up the connection for others and would eliminate my connection refused errors due to open connections running out.

    Anyone know how to get that accomplished?

  2. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    Do you have any other custom ACL's? If so, make sure that none of them are using the delay command.

Share This Page